I have an Exchange 2010 server that is visible under 2 MX records, mx.acme.com and mx1.acme.com, with 2 different IP addresses from 2 different network providers. They both report as mx.acme.com when someone is sending us an email and they both report as mx.acme.com when we send email. But for now the 2nd MX (and the IP address that is sending the email) actually has a different domain name, reverse DNS, than the one it's reporting when it connects to other servers.

The problem is I don't know which IP address will be used to send email out, so I was thinking to set up the same mx.acme.com record in DNS for both IP addresses, and the same reverse DNS for both at both providers.

Will that work just fine or am I missing something? I guess then I just have to add one MX record and not two, as it would be meaningless to add a 2nd.

Current setup looks more or less like this:

```
MX record: acme.com IN MX 5 mail1.acme.com
A record: mail1.acme.com IN A 192.168.10.17
MX record: acme.com IN MX 10 mail2.acme.com
A record: mail2.acme.com IN A 192.168.10.18
```

And I would like to change it to:

```
MX record: acme.com IN MX 5 mail.acme.com
A record: mail.acme.com IN A 192.168.10.17
A record: mail.acme.com IN A 192.168.10.18
```

As it's the only way I think this will go. The problem I can see is that if one IP address is down and DNS keeps pointing the server to it no matter what, then some mails will bounce. And I guess for that round-robin to work I will need TTL 0, so DNS at the hosting provider has to allow that.

MadBoy
  • What exactly do you want to achieve here? Are there any problems with your current setup? I think the 2x MX records is a better way of doing it, than the round-robin DNS. – MichelZ May 22 '12 at 11:53
  • The problem is that if mails go out through the 2nd IP address, on one server they got: `4.7.1 Client host rejected: cannot find your hostname`. Actually, I checked and the IP address does resolve; it just doesn't match the name. – MadBoy May 22 '12 at 12:01
  • I guess it could be the other server, but apparently (so it says on Wiki) some servers report unknown host if the RevDNS doesn't match DNS. – MadBoy May 22 '12 at 12:07
  • So, the best thing would be to get both IP addresses to resolve to mail.acme.com. I'm sure your provider can help you with that? – MichelZ May 22 '12 at 12:11
  • Yes, and I will do that. But the question is whether I should change the DNS of those IP addresses as well to mail.acme.com or leave it as it is, because if I change it I get round-robin DNS. – MadBoy May 22 '12 at 12:21
  • Come to think of it, mail servers won't be able to verify this anyway, since DNS may respond with a different IP per test, so I guess just fixing RevDNS to be mail.acme.com on both IPs should make it work even if DNS for the 2nd IP is something different. – MadBoy May 22 '12 at 12:24
  • Right, I think the target mail server only does an RDNS lookup, which has to match what it gets from `EHLO`. I don't think the round-robin DNS will help you in any way, as the MX entries are already supposed to provide failover. – MichelZ May 22 '12 at 12:32
  • It's more to solve the problem than actually to have failover working. So I'll go with RevDNS only. Thanks. – MadBoy May 22 '12 at 12:39
  • Please provide an answer so I can give you points. – MadBoy May 22 '12 at 12:46

1 Answer

You should change your reverse DNS entries for both IP addresses to match your EHLO domain, mail.acme.com.

This should get rid of your problem:

`4.7.1 Client host rejected: cannot find your hostname`

MichelZ
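As an added example (not part of the answer above), this Python sketch runs the check a strict receiver might apply to each outbound IP: PTR lookup, forward confirmation of the PTR name, then comparison with the EHLO name. The zone data is constructed, `host18.isp2.example` is a placeholder for the second provider's reverse name, and the receiver's exact policy is an assumption.

```python
import socket

def live_ptr(ip):
    """PTR names for ip from the system resolver."""
    try:
        return [socket.gethostbyaddr(ip)[0]]
    except OSError:
        return []

def live_a(name):
    """IPv4 addresses for name from the system resolver."""
    try:
        return socket.gethostbyname_ex(name)[2]
    except OSError:
        return []

def check_sender(ip, ehlo, ptr_lookup=live_ptr, a_lookup=live_a):
    """Return (ok, reason) for one outbound IP announcing `ehlo`."""
    norm = lambda n: n.rstrip(".").lower()
    ptr_names = [norm(n) for n in ptr_lookup(ip)]
    if not ptr_names:
        return False, "no PTR record"
    # Forward-confirm: the PTR name must resolve back to the connecting IP.
    confirmed = [n for n in ptr_names if ip in a_lookup(n)]
    if not confirmed:
        return False, "PTR name does not resolve back to the IP"
    if norm(ehlo) not in confirmed:
        return False, "EHLO name differs from the confirmed PTR name"
    return True, "ok"

def audit(ips, ehlo, ptr, a):
    """Run check_sender over static zone data (dicts) instead of live DNS."""
    return {ip: check_sender(ip, ehlo, lambda i: ptr.get(i, []),
                             lambda n: a.get(n, [])) for ip in ips}

# Constructed zone data. host18.isp2.example is a placeholder for the second
# provider's default reverse name, which the thread does not give.
IPS, EHLO = ["192.168.10.17", "192.168.10.18"], "mail.acme.com"
BEFORE = audit(IPS, EHLO,
    ptr={IPS[0]: ["mail.acme.com"], IPS[1]: ["host18.isp2.example"]},
    a={"mail.acme.com": [IPS[0]], "host18.isp2.example": [IPS[1]]})
PTR_ONLY = audit(IPS, EHLO,  # both PTRs changed, A record lists one IP only
    ptr={ip: ["mail.acme.com"] for ip in IPS},
    a={"mail.acme.com": [IPS[0]]})
AFTER = audit(IPS, EHLO,     # both PTRs changed, A record lists both IPs
    ptr={ip: ["mail.acme.com"] for ip in IPS},
    a={"mail.acme.com": IPS})
```

With the default lookups, `check_sender(ip, "mail.acme.com")` runs the same test against live DNS for a real public address.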